[70418] branches/gsoc10-configfiles/base/src/cregistry/entry.c
Andrea D'Amore
and.damore at macports.org
Mon Aug 9 07:03:32 PDT 2010
On Mon, Aug 9, 2010 at 3:14 PM, Rainer Müller <raimue at macports.org> wrote:
> There is no security required for this task, so why would it matter? The
> existing code was always using MD5 for the checksum of imaged files, but
> it was just not being stored in registry2.0 (registry1.0 did).
Exactly, this isn't aimed at security.
> This is only used to check if a file has been modified, so any checksum
> algorithm will do. Why would someone specifically craft a file that
> produces the same checksum just to fool this test?
The odds that this would happen in a real use scenario are small
enough to be ignored, IMO.
> Rainer
--
Andrea
More information about the macports-dev
mailing list